2c38d0274dc4db45ab8a58a342a1839b3fb75cbbe04a4aa4880678b7f5785013

Sharing

Copy URL Twitter E-mail

General

Target

2c38d0274dc4db45ab8a58a342a1839b3fb75cbbe04a4aa4880678b7f5785013
Size

198KB
MD5

09a42c18e085fdcf69162611367a5830
SHA1

8a9eb1904f39f758599421b8b2e45b4b60039943
SHA256

2c38d0274dc4db45ab8a58a342a1839b3fb75cbbe04a4aa4880678b7f5785013
SHA512

44a62b137cb866c1e5a79749ad9601c82177f79a63765cc3cc39cbd872426bb6085152f6fbdefac234b58c345b39262e1208d44c1a80d1d03d8c6c349bed807b
SSDEEP

6144:EV/NkOQr1yPuNtGITZLbwtuR1ZY6cNOxR:EArEPMZotc4NWR

Score

N/A

Malware Config

Signatures

Files

2c38d0274dc4db45ab8a58a342a1839b3fb75cbbe04a4aa4880678b7f5785013
.exe windows x86

64c6f83d1bada1ec897b30aeea8447d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACreateCertType
CAGetCertTypePropertyEx
CAFindCertTypeByName
CAEnumNextCertType
CASetCertTypeFlags
CAFreeCertTypeProperty
CAFindByName
CAEnumCertTypesForCA
CAGetCertTypeExtensions
CAGetCAProperty
CAGetCertTypeProperty
CARemoveCACertificateType
CAGetCertTypeFlags
CACloseCertType
CAUpdateCA
CASetCertTypeProperty
CASetCertTypeKeySpec
CACloseCA
CAAddCACertificateType
CAUpdateCertType
CAGetCertTypeKeySpec
CASetCertTypeExtension
CACertTypeSetSecurity
CAEnumCertTypes
CAFreeCAProperty
CAFreeCertTypeExtensions
CACertTypeGetSecurity

msvcrt

wcscmp
_wcsupr
mbstowcs
_adjust_fdiv
?terminate@@YAXXZ
_onexit
__RTDynamicCast
_purecall
malloc
wcsstr
_wcsicmp
memmove
??1type_info@@UAE@XZ
wcslen
free
wcscpy
_initterm
__dllonexit
??3@YAXPAX@Z
wcsrchr
_except_handler3
wcstoul
wcschr
wcscat
vswprintf
??2@YAPAXI@Z

kernel32

GetACP
GlobalAlloc
GetCurrentProcess
CloseHandle
InterlockedDecrement
GetDateFormatW
LoadLibraryW
GetEnvironmentStringsA
IsBadReadPtr
FormatMessageW
GlobalLock
GetModuleHandleA
OutputDebugStringA
SetLastError
GetSystemWindowsDirectoryW
GetProcAddress
InitializeCriticalSection
QueryPerformanceCounter
IsValidCodePage
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStartupInfoA
DeleteCriticalSection
GlobalUnlock
GetComputerNameW
GetTickCount
WideCharToMultiByte
OutputDebugStringW
LocalFree
GetModuleFileNameW
RemoveDirectoryW
lstrcmpiW
lstrlenW
CreateFileW
GetSystemTimeAsFileTime
lstrcpyW
GetLastError
SetUnhandledExceptionFilter
LocalReAlloc
InterlockedIncrement

advapi32

RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW

comctl32

PropertySheetW
CreatePropertySheetPageW

user32

LoadImageW
MessageBoxW
SetCursor
SystemParametersInfoW
GetDC
SendMessageW
EnableWindow
LoadCursorW
SetWindowTextW
GetParent
SetWindowLongW
GetWindowLongW
wsprintfW
ReleaseDC
LoadBitmapW
SendDlgItemMessageW
DialogBoxParamW
SetDlgItemTextW
InsertMenuItemW
LoadIconW
LoadStringW
PostMessageW
SetFocus
GetDlgItem
RegisterClipboardFormatW
GetDlgItemTextA
EndDialog
WinHelpW

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

Sections

.code
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64c6f83d1bada1ec897b30aeea8447d9

Headers

File Characteristics

Imports

certcli

msvcrt

kernel32

advapi32

comctl32

user32

gdi32

Sections

.code Size: 72KB - Virtual size: 72KB

.rdata Size: 16KB - Virtual size: 6.2MB

.rsrc Size: 2KB - Virtual size: 1KB

.data Size: 106KB - Virtual size: 105KB

.code
Size: 72KB - Virtual size: 72KB

.rdata
Size: 16KB - Virtual size: 6.2MB

.rsrc
Size: 2KB - Virtual size: 1KB

.data
Size: 106KB - Virtual size: 105KB